X.509 certificate overview + status
Werner Koch
wk at gnupg.org
Tue Mar 3 02:58:47 EST 2009
On Mon, 2 Mar 2009 17:35, marcus.brinkmann at ruhr-uni-bochum.de said:
> Ubuntu comes with dumpasn1. There are also quite a few libraries.
You may also import the certificate into GnuPG ("gpgsm --import foo")
and run "gpgsm --dump-cert" to get a human readable printout. Example:
$ gpgsm --dump-cert 0x39F4F81B
/home/foo/.gnupg/pubring.kbx
---------------------------
ID: 0x39F4F81B
S/N: 01D8
Issuer: CN=12R-CA 1:PN,O=Bundesnetzagentur,C=DE
Subject: CN=TeleSec PKS SigG CA 17:PN,O=Deutsche Telekom AG,C=DE
sha1_fpr: 13:0C:16:2D:91:68:7C:E0:AE:95:6F:11:08:34:3A:26:39:F4:F8:1B
md5_fpr: D7:2B:65:D3:E6:5C:54:DB:B7:4A:47:49:6E:CF:36:F1
certid: D6C0C14EE753E3D147C0827A4C8D579F130DEFD4.01D8
keygrip: EC4EC0D13B47680C28869929D76B3357838CEC11
notBefore: 2007-11-08 09:22:57
notAfter: 2012-01-01 12:00:00
hashAlgo: 1.2.840.113549.1.1.13 (sha512WithRSAEncryption)
keyType: 2048 bit RSA
subjKeyId: 57A001BB58498529AEE9DFAD6810FA056F5F3A9B
authKeyId: [none]
authKeyId.ki: 04DE9D7FDF437289BA694901F4E84928DE02196F
keyUsage: certSign
extKeyUsage: [none]
policies: 1.3.36.8.1.1
chainLength: 0
crlDP: ldap://ldap.nrca-ds.de:389/CN=CRL,O=Bundesnetzagentur,C=DE,dc=ldap,dc=nrca-ds,dc=de?certificateRevocationList;binary?base?objectClass=cRLDistributionPoint
issuer: none
authInfo: 1.3.6.1.5.5.7.48.1 (ocsp)
http://ocsp.nrca-ds.de:8080/ocsp-ocspresponder
subjInfo: [none]
extn: 1.3.6.1.5.5.7.1.3 (qcStatements) [12 octets]
extn: 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) [62 octets]
extn: 1.3.6.1.4.1.8301.3.5 (validityModel) [14 octets]
CERTID and KEYGRIP are GnuPG specific.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list